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DETAILED ACTION 
Continued Examination under 37 CFR 1.114 

1 . A request for continued examination under 37 CFR 1.114, including the fee set 
forth in 37 CFR 1 .17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.1 14, and the fee set 
forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 

1 1/28/2007 has been entered. 

Response to Amendment 

2. This office action is in response to amendment /reconsideration filed on 
11/28/2007, the amendment/reconsideration has been considered. Claims 1, 6, 12, 22 
and 25-27 have been amended and claims 7-8, 23-24 and 30 have been cancelled, 
Therefore, Claims 1-6, 9-22 and 25-27 are pending for examination, the rejection cited 
as stated below. 

Response to Arguments 

3. Applicant's arguments filed on 1 1/28/2007 have been fully considered but they 
are not deemed to be persuasive. In the remarks, applicant argued in substance that 

(a) Scoredos does not teaches, "database for storing information about 
connection request". 

(b) Scoredos does not teach, "a maximum number of connections allowed in 
a cycle; and a maximum number of connection requests per requester during 
cycle". 
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(c) Scoredos does not teaches, "dropping the connection silently". 

(d) Scoredos does not teaches, "connection requests and associated 
application layer outcomes". 

(e) Reddy does not teaches, "if the throttle filter allows the transport layer 
component of the connection request, proceeding with the application layer 
component". 

As to point (a) Scoredos teaches, when an incoming IP packet is received the 
packet is then processed to determine source and destination IP addresses for the 
packet, an entry is then created in a limit table for the IP entity, if no entry for that IP 
entity exists in the table (Scoredos, Abstract). Examiner asserts that incoming IP packet 
is a connection request and creating an entry in the limit table is storing information 
about connection request. Further, according the dictionary meaning of "Database" a 
table of record or rule is within the scope of database. 

As to argument (b) Scoredos teaches, a maximum number of connections 
allowed in a cycle, where cycle is "any complete round or series of occurrences that 
repeats or is repeated ". Scoredos describes "a limit count" (which means there is a 
maximum number of connection allowed) representing a number of concurrently 
allowable connection between the IP entity and server", where first occurrence of 
connection request is a cycle. Scoredos further describe, "a maximum number of 
connection requests per requester during cycle" as recited in (Scoredos, Abstract also 
[0045]) "a limit count representing a number of concurrently allowable connection 
between the IP entity and server" where IP entity can be a single requestor. 
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As to argument (c), Scoredos teaches, "dropping connection silently" (Scoredos, 
Abstract), where Scoredos recites, the packet is blocked if the attempted connection 
would exceed the limit count for the IP entity, where blocking packet is dropping 
connection silently further details can be found in (Scoredos, [0023]). 

As to argument (d), Scoredos teaches the method of controlling connections from 
an IP to a server, which involves monitoring the status of connection/application layer 
outcomes or state of connection. Scoredos limits the connection by monitoring the state 
of concurrent connection at a time, so if connection drops client browser or application 
will hung up and therefore Scoredos does disclose appl'cation layer outcome. 

As to argument (e) Examiner respectfully disagree and cites a paragraph from 
Reddy Col.8, lines 36-49. In the light of Fig.1 and Fig.4, Reddy discloses, upon 
establishing connection which is "allowing transport layer component of the connection 
request" agents communicates to the application. It is clearly disclosed that 
communication is done via using HTTP protocol which associates a browser meaning 
browser being application layer component. 

4. Any remark, which is not in claimed language, is not being considered by 
Examiner. 

Claim Objections 

5. Claim 6 is objected to because of the following informalities: Claim recite, 
"comprises at least one of: a list of connection requestor IP address to be; in Iine4. 
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However, Examiner will read the claim as " a list of connection requestor IP address to 
be blocked". Appropriate correction is required. 

Claim Rejections - 35 USC § 103 

6. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

7. Claim 1-3, 5, 10-20, 22 and 27-29 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Scoredos et al. (Pub. No.: US 2004/0250127 A1), hereinafter 
"Scoredos" in view of Reddy et al. (Patent No.: US 7062540 B2), hereinafter "Reddy" 
and further in view of Ben-David (Patent No.: US 6273622 B1), hereinafter "Ben". 

8. As to claim 1 , Scoredos discloses, a method for filtering transport layer 
connections with application layer information, comprising the steps of: 

receiving a connection request having an application layer component and a 
transport layer component ([0015, lines 1-4], where tcp/ip connection comprises of 
transport layer component and application layer component); 

providing a connection database to store information about connection requests 
([0016, lines 1-4], table of rules can be a database); 
the connection request comprises: 

a maximum number of connections allowed in a cycle (Scoredos, Abstract, "a 
limit count" (which means there is a maximum number of connection allowed) 
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representing a number of concurrently allowable connection between the IP entity and 
server", where first occurrence of connection request is a cycle); and 

a maximum number of connection requests per requestor during a cycle 
(Scoredos, Abstract also [0045]) "a limit count representing a number of concurrently 
allowable connection between the IP entity and server" where IP entity can be a single 
requestor); 

providing a throttle filter using data from the connection database, the throttle filter 
to filter the connection request at the transport layer component ([0016, lines 1-5]); 

applying the throttle filter to the received connection request ([0016, lines 8-9]); 

if the throttle filter blocks the transport layer component of the connection 
request, dropping the connection request silently ([0033, lines 2-4]); and 

Scoredos does not explicitly disclose, providing information about associated 
application layer outcomes; or if the throttle filter allows the transport layer component of 
the connection request, proceeding with the application layer component. However, 
Reddy teaches, providing information of associated application layer outcomes (Col.7, 
lines 64-66); and if the throttle filter allows the transport layer component of the 
connection request, proceeding with the application layer component (Col. 8, lines 5-23, 
where notifications are outcome of applications outcome which are communicated 
through firewall by web server and displayed at user interface in http form or could be a 
HTML page with time out notice or error notice or status). 

Therefore, it would have been obvious to one ordinary skilled in the art at the 
time the invention was made to combine the teachings of Scoredos with the teachings 
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of Reddy in order to authenticate the remote user to access, monitor or execute the 
application through monitoring software based on users build up profile kept in the 
databases in appropriate domain. 

Scoredos and Reddy however are silent on "creating a soft error in a client from 
an unacknowledged connection request". 

Ben however discloses, "creating a soft error in a client from an unacknowledged 
connection request" (Ben, Fig.4, timeout for Rx of unacknowledged messages-124, 
Col.2, lines 35-45, where unacknowledged is based on timing out of a connection which 
is a soft error). 

Therefore, it would have been obvious to one ordinary skilled in the art at the 
time the invention was made to combine the teachings of Scoredos and Reddy with the 
teachings of Ben in order to invention provides a protocol and associated method for 
enhancing the throughput and response time performance of Transmission Control 
Protocol/Internet Protocol (TCP/IP) applications and services in Internet and Intranet 
environments that use the TCP/IP protocol suite, e.g., HTTP Internet browsers, HTTP 
servers, FTP servers, etc. 

9. As to claim 12, Scoredos discloses, a system to filter server connections in an 
embedded system, comprising: 

a network interface to receive a connection request from a requestor (Scoredos, 
Fig.1, step-112, [0015, lines 13-14]) , the connection request having an application layer 
connection component and a transport layer connection component ([0015, lines 1-4], 
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tcp/ip connection means it contains header information which deals with transport layer 
and payload which contains data or deals with application layer); 

a filter device to filter connections using the transport layer connection 
component (Scoredos, [001 5, line 1 4]), the filter device including a connection 
database and a throttle filter (Scoredos, [0015, lines 3-5], where firewall is filtering 
device and set of rules is a database), the connection database to store information 
about connection requests, the throttle filter having data from the connection database 
to filter connection requests using the transport layer connection component (Scoredos, 
[0016, lines 1-5], filtering, [0016, lines 1-4], table of rules could be a database), 

the stored information about connection requests comprises (Scoredos, 
Abstract, where connection information is stored in limit table); 

a maximum number of connections allowed in a cycle (Scoredos, Abstract, "a 
limit count" (which means there is a maximum number of connection allowed) 
representing a number of concurrently allowable connection between the IP entity and 
server", where first occurrence of connection request is a cycle); and 

a maximum number of connection requests per requestor during a cycle 
(Scoredos, Abstract also [0045]) "a limit count representing a number of concurrently 
allowable connection between the IP entity and server" where IP entity can be a single 
requestor); 

a controller coupled to the filter device and the network interface (Scoredos, 
Fig.1 , element-100), the controller to apply the throttle filter to the transport layer 
connection component of the connection request (Scoredos, [0015], where firewall is 
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processing the incoming traffic which could be connection request), to drop the 
connection request silently if the throttle filter blocks the transport layer component 
(Scoredos, [0033, lines 2-4], where connection is dropped based on the limit rule and 
allowed packets will obviously be further processed), to proceed with an application 
layer connection if the throttle filter allows the transport layer component (Scoredos, 
[0033, lines 2-4], where connection is dropped based on the limit rule and allowed 
packets will obviously be further processed), to add data about the application layer 
connection to the connection database, and to update the throttle filter with information 
about the connection database (Fig.1, Step-112 and Step-101,[0015, lines 12-14], 
interface card is controller which is coupled with filtering device 101), 

Scoredos does not disclose explicitly, "an application layer connection 
component outcomes". However, Reddy teaches, "an application layer connection 
component outcomes" (Fig.2, Step-76, Col.6, lines 17-25 and lines 29-36, where 
database 76, keeps events which are outcomes of application and uses them later on 
as web server sends the response to client through HTTP protocol). 

Scoredos and Reddy however are silent on "creating a soft error in a client from 
an unacknowledged connection request". 

Ben however discloses, "creating a soft error in a client from an 
unacknowledged connection request" (Ben, Fig.4, timeout for Rx of unacknowledged 
messages-124, Col.2, lines 35-45, where unacknowledged is based on timing out of a 
connection which is a soft error). 
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1 0. As to claim 27, a computer program product having a computer-readable 
medium including computer program logic encoded thereon that, when performed on a 
computer system directs the computer system to perform the method of: 

receiving a connection request having an application layer component and 
a transport layer component ([0015, lines 1-4], where tcp/ip connection comprises of 
header information which is transport layer component and payload information which is 
application layer component); 

providing a connection database to store information about connection requests 
[(0016, lines 1-4], table of rules has the profile which could be a database), 

the stored information about connection requests comprises (Scoredos, Abstract, 
where connection information is stored in limit table); 

a maximum number of connections allowed in a cycle (Scoredos, Abstract, "a 
limit count" (which means there is a maximum number of connection allowed) 
representing a number of concurrently allowable connection between the IP entity and 
server", where first occurrence of connection request is a cycle); and 

a maximum number of connection requests per requestor during a cycle 
(Scoredos, Abstract also [0045]) "a limit count representing a number of concurrently 
allowable connection between the IP entity and server" where IP entity can be a single 
requestor); 

providing a throttle filter using data from the connection database, the throttle filter 
to filter the connection request at the transport layer component ([0016, lines 1-5) and 
[0050, lines 1-3], where limit rule is incorporated in the data structure); 
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applying the throttle filter to the received connection request ([0016, lines 7-9], 
where packets are processed through filtering functions); 

if the throttle filter blocks the transport layer component of the connection request, 
dropping the connection request silently ([0033, lines 2-4]; depending on the rule 
connection is dropped); 

Scoredos does not explicitly disclose, "an information about associated 
application layer outcomes"; or "if the throttle filter allows the transport layer component 
of the connection request, proceeding with the application layer component" or "creates 
a soft error in a requestor from an unacknowledged connection request". 

However, Reddy teaches, providing a connection database to store information 
of associated application layer outcomes (Col. 7, lines 64-66) ; and if the throttle filter 
allows the transport layer component of the connection request, proceeding with the 
application layer component (Col.8, lines 5-23, where notifications are outcome of 
applications outcome which are communicated through firewall by web server and 
displayed at user interface in http form or could be a HTML page with time out notice or 
error notice or status). 

Therefore, it would have been obvious to one ordinary skilled in the art at the 
time the invention was made to modify the teachings of Scoredos with the teachings of 
Reddy in order to authenticate the remote user to access, monitor or execute the 
application through monitoring software based on users build up profile kept in the 
databases in appropriate domain. 
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Scoredos and Reddy however are silent on "creating a soft error in a client from 
an unacknowledged connection request". 

Ben however discloses, "creating a soft error in a client from an unacknowledged 
connection request" (Ben, Fig.4, timeout for Rx of unacknowledged messages-124, 
Col. 2, lines 35-45, where unacknowledged is based on timing out of a connection which 
is a soft error). 

11. As to claim 2, Scoredos, Reddy and Ben discloses the invention substantially as 
in parent claim 1 , including, updating the throttle filter with information from the 
connection database (Scoredos, Fig.1, Step-100, [0003, lines 5-10]). 

adding data from an application layer outcome of the connection request to 
the connection database (Reddy, Col.7, lines 64-66, where agent detects the 
application outcome as notifications which is added into database Fig.2,Step-76). 

12. As to claim 3, Scoredos, Reddy and Ben discloses the invention substantially as 
in parent claim 2, including, recording a connection requestor identifier to the connection 
database (Scoredos, [0006, lines 7-9, where IP entity is connection requestor and IP is 
identifier); and 

providing a connection requestor rank to the connection requestor identifier 
(Scoredos, [0057, lines 13-15], clearly shows that each connection has an ID against its 
connection request) and [0059, lines 1-9], where hash technique is interpreted as 
ranking to give priority for faster processing). 
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the database adds all the associated outcome events from each application and 
it will be an obvious variation to construct some sort of ranking system to give priority to 
certain client entity based on clients frequent request for certain application (Reddy, 
Col.7, lines 64-66, where notifications and events are the outcomes of applications 
running on compute, Fig. 2, Step-40). 

1 3. As to claim 5, Scoredos, Reddy and Ben discloses the invention substantially as 
in parent claim 1 , including, the throttle filter is a list of connection request 
characteristics as indicated by data from the connection database and the step of 
applying the throttle filter further comprises comparing data from the connection request 
to the list of connection request characteristics (Scoredos, [0006, lines 1-11], where limit 
table is interpreted as throttle filter). 

14. As to claim 10, Scoredos, Reddy and Ben discloses the invention substantially as 
in parent claim 1, including, the connection request is an HTTP request; the transport 
layer component is TCP connection component (Scoredos, [0015, lines 10-14]), 

the application layer component is an HTTP connection component (Reddy, 
Col.8, lines 46-49). 

1 5. As to claims 1 1 , 1 3 and 14, the claims are rejected for the same rationale set 
forth in claim 10 above. 

16. As to claim 15, Scoredos and Reddy disclose the invention substantially as in 
parent claim 12, including, the filter device further comprises a rate limiter to switch the 
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filter device between global and selective modes (Scoredos, [0052, lines 5-9], where 
limit table is rate limiter and allowed or blocked states are global and selective modes), 
the rate limiter to switch the filter device to global mode if a rate limit threshold is 
exceeded and to switch the filter device to selective mode if the rate limit threshold is 
not exceeded (Scoredos, Fig.1, Step-112, [0052, lines 10-14], where limit table is a rate 
limiter and if connection establishes or allowed it is a selective mode if connection is 
blocked it can be interpret as selective mode) 

the controller configured to drop the connection request silently without applying 
the throttle filter if the filter device is in global mode and to apply the throttle filter if the 
filter device is in selective mode (Scoredos, Fig.1, Step-123 [0016, lines 5-6], where, 
switch is controller to forward or drop the connection). 

17. As to claim 16, Scoredos and Reddy disclose the invention substantially as in 
parent claim 12, including, the rate limit threshold further comprises a limit of 
connections created in a connection cycle period (Scoredos, [0046, lines 4-6], where 
number of connections are limit threshold in a connection cycle period). 

18. As to claim 17, Scoredos and Reddy disclose the invention substantially as in 
parent claim 12, including, the rate limit threshold further comprises a rate of incoming 
connections ([0052, lines 1-9]). 

19. As to claim 18, Scoredos and Reddy disclose the invention substantially as in 
parent claim 12, including, the connection database is a table in which each entry has 
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an IP address of a connection requestor and an associated rank based on an outcome 
of a connection attempted in response to a connection request from the connection 
requestor (Scoredos, [0050, lines 1-4], database create an entry of every connection 
and [0053, lines 1-9], connection is prioritized based on prior entry and connection 
history in the database). 

20. As to claim 19, Scoredos and Reddy disclose the invention substantially as in 
parent claim 12, including, each entry of the table further includes a port number of the 
connection requestor (Scoredos, [0053, lines 5-9], where database also keeps an entry 
of connection port number). 

21 . As to claim 20, Scoredos and Reddy disclose the invention substantially as in 
parent claim 12, including, each entry of the table further includes a virtual routing 
forwarding table ID of the connection requestor (Scoredos, [0053, liens 1-5], where 
state table entry can be a VRF pointer assigned to each connection attempted at 
application layer). 

22. . Claims 28 and 29 are rejected for the same rationale as applied to parent claims 
1, 12 and 27 above and further, Scoredos discloses, in [0035], there is a client profile 
established which filter uses to compare before allowing or dropping the connections. 
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23. Claims 6 and 22 are rejected under 35 U.S.C 103 as being unpatentable over 
Scoredos, Reddy and Ben in view of Haviv et al. (Pub. No.: US 2002/0059517 A1), 
hereinafter, "Haviv". 

24. As to claim 6, Scoredos, Reddy and Ben discloses the invention substantially as 
in parent claim 5, including, the list of connection request characteristics further 
comprises a list of connection requestor IP addresses to be blocked as indicated by 
data from the connection database (Scoredos, [0002, lines 7-11], where set of rules is a 
database and set of rules can be a list of blocked IP addresses). 

Scoredos, Reddy and Ben however are silent on disclosing, "a list of connection 
requestor port numbers to be blocked" or "a list of connection requestor virtual routing 
forwarding table IDs to be blocked". 

Haviv however discloses, a list of connection requestor port numbers to be 
blocked" (Haviv, [0037], where blocking client ports are disclosed further creating rules 
merely to block unwanted traffic is an obvious variation, therefore blocking VRF traffic 
will be obvious to one skilled in the art). 

Therefore, it would have been obvious to one ordinary skilled in the art at the 
time the invention was made to combine the teachings of Scoredos, Reddy and Ben as 
applied claim 1-3 and 5 above with the teachings of Haviv in order to provide a a system 
that enables filtered application-to-application communication in a server farm in a multi- 
channel reliable hardware environment (e.g. InfiniBand) and implementation of multi- 
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channel reliable communication hardware may reduce the number of communication 
software layers above. 

25. As to claim 22 has similar limitations as claim 6 and therefore is rejected for 
under same rationale. 

26. Claim 9 is rejected under 35 U.S.C 103 as being unpatentable over Scoredos 
and Reddy in view of Maruyama et al. (Pub. No.: US 2002/0124103 A1), hereinafter, 
"Maruyama". 

27. As to claim 9, Scoredos and Reddy disclose the invention substantially as in 
parent claim 1 , including, determining whether a limit of connections created in a 
connection cycle period has been exceeded (Scoredos, [0033, lines 1-2], where rule is 
set to check the connections per IP address); 

if the limit of connections created has been exceeded, dropping the connection 
request (Scoredos, [0033, lines 2-4], where exceeded connection is dropped). Scoredos 
and Reddy, however are silent on, if the limit of connections created has not been 
exceeded, determining whether a rate of incoming connections has been exceeded or if 
the rate of incoming connections has been exceeded, then dropping the connection 
request silently or if the rate of incoming connections has not been exceeded, then 
comparing requestor identification information in the TCP connection component of the 
connection request to data in the throttle filter. However, Maruyama teaches, if the limit 
of connections created has not been exceeded, determining whether a rate of incoming 
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connections has been exceeded ([0011, lines 10-20], TCP connection rate is monitored 
for security purposes). Maruyama also discloses, if the. rate of incoming connections 
has been exceeded, then dropping the connection request silently ([001 1 , lines 24-28], 
where excessive connection is dropped). Maruyama further discloses, if the rate of 
incoming connections has not been exceeded, then comparing requestor identification 
information in the TCP connection component of the connection request to data in the 
throttle filter ([0035, 16-22], where identifier in the tcp packet is examined whether to 
allow a new connection or associate with established connection). 

Therefore, it would have been obvious to one ordinary skilled in the art at the 
time the invention was made to modify the teachings of Scoredos, and Reddy with the 
teachings of Maruyama in order to establish a monitoring system from remote computer 
to keep track of working applications by anticipating the critical notifications/outcomes 
generated by those applications and associated solutions to these outcomes. 

28. Claims 25 and 26 are rejected under 35 U.S.C 103 as being unpatentable over 
Scoredos and Reddy in view of Maruyama and further in view of Ben. 

29. As to claim 25, Scoredos discloses, a method for filtering HTTP server 
connections in an embedded system, comprising the steps of: 

receiving a connection request having an HTTP connection component and a 
TCP connection component ([0015, lines 1-4], where header information in the packet is 
TCP connection and payload data is an http connection); 
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providing a connection database to store information about connection requests 
([0016, lines 1-4], table of rules can be a database), 
the connection request comprises: 

a maximum number of connections allowed in a cycle (Scoredos, Abstract, "a 
limit count" (which means there is a maximum number of connection allowed) 
representing a number of concurrently allowable connection between the IP entity and 
server", where first occurrence of connection request is a cycle); and 

a maximum number of connection requests per requestor during a cycle 
(Scoredos, Abstract also [0045]) "a limit count representing a number of concurrently 
allowable connection between the IP entity and server" where IP entity can be a single 
requestor); 

providing a throttle filter using data from the connection database, the throttle filter 
to filter the connection request at the TCP connection component ([0016, lines 1-5], 
where switch-123 is a throttle filter); 

if the limit of connections created has not been exceeded ([0033, lines 1-2], 
where connection status can show if the limit has exceeded); 

determining whether a limit of connections created in a connection cycle period 
has been exceeded ([0033, lines 1-2], where rule has defined for maximum connection 
in limit rule also where rule is set to check the connections per IP address); 

if the limit of connections created has been exceeded, dropping the connection 
request silently (0033, lines 2-4], where exceeded connection is dropped); 

if the throttle filter blocks the TCP connection component, dropping the 
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connection request silently ([0033, lines 2-4]); 

updating the throttle filter with information from the connection database 
([0052, lines 10-12]). 

Scoredos does not explicitly discloses, if the limit of connections created has not 
been exceeded, determining whether a rate of incoming connections has been 
exceeded or if the rate of incoming connections has been exceeded, then dropping the 
connection request silently or if the rate of incoming connections has not been 
exceeded, then comparing requestor identification information in the TCP connection 
component of the connection request to data in the throttle filter or adding data from the 
HTTP connection component to the connection database. However, Maruyama 
teaches, if the limit of connections created has not been exceeded, determining whether 
a rate of incoming connections has been exceeded ([001 1, lines 10-20], tcp connection 
rate is monitored for security purposes). Maruyama also discloses, if the rate of 
incoming connections has been exceeded, then dropping the connection request 
silently ([0011, lines 24-28, where excessive connection is dropped). Maruyama further 
discloses, if the rate of incoming connections has not been exceeded, then comparing 
requestor identification information in the TCP connection component of the connection 
request to data in the throttle filter ([0035, 16-22], where identifier in the tcp packet is 
examined whether to allow a new connection or associate with established connection). 
Neither Scoredos nor Maruyama discloses, if the throttle filter allows the TCP 
connection component, proceeding with the HTTP connection component or adding 
data from the HTTP connection component to the connection database. However, 
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Reddy discloses, if the throttle filter allows the TCP connection component, proceeding 
with the HTTP connection component (Col.7, lines 41-45, where user has established 
the http connection). Reddy further discloses, adding data from the HTTP connection 
component to the connection database (Col.7, lines 41-48 and lines 4-7, where it can be 
seen that user's HTTP request has to go through security Fig.2, step-86 where his login 
will be added into security database). 

Therefore, it would have been obvious to one ordinary skilled in the art at the 
time the invention was made to modify the teachings of Scoredos and Maruyama with 
the teachings of Reddy in order to establish a monitoring system from remote computer 
to keep track of working applications by anticipating the critical notifications/outcomes 
generated by those applications and associated solutions to these outcomes. 

Scoredos, Reddy and Maruyama however are silent on "creating a soft error in a 
client from an unacknowledged connection request". 

Ben however discloses, "creating a soft error in a client from an unacknowledged 
connection request" (Ben, Fig.4, timeout for Rx of unacknowledged messages-124, 
Col.2, lines 35-45, where unacknowledged is based on timing out of a connection which 
is a soft error). 

Therefore, it would have been obvious to one ordinary skilled in the art at the 
time the invention was made to combine the teachings of Scoredos, Reddy and 
Maruyama with the teachings of Ben in order to invention provides a protocol and 
associated method for enhancing the throughput and response time performance of 
Transmission Control Protocol/Internet Protocol (TCP/IP) applications and services in 



Application/Control Number: Page 22 

10/681,870 

Art Unit: 2152 

Internet and Intranet environments that use the TCP/IP protocol suite, e.g., HTTP 
Internet browsers, HTTP servers, FTP servers, etc. 

30. As to claim 26, Scoredos discloses, a method for filtering HTTPS server 
connections in an embedded system, comprising the steps of: 

receiving a connection request having an HTTPS connection component and a 
TCP connection component ([0015, lines 1-4], TCP header information is a transport 
layer component and payload is a HTTPS component); 

providing a connection database to store information about connection requests 
([0016, lines 1-4], table of rules can be a database); 

the connection request comprises: 

a maximum number of connections allowed in a cycle (Scoredos, Abstract, "a 
limit count" (which means there is a maximum number of connection allowed) 
representing a number of concurrently allowable connection between the IP entity and 
server", where first occurrence of connection request is a cycle); and 

a maximum number of connection requests per requestor during a cycle 
(Scoredos, Abstract also [0045]) "a limit count representing a number of concurrently 
allowable connection between the IP entity and server" where IP entity can be a single 
requestor); 

providing a throttle filter using data from the connection database, the throttle 
filter to filter the connection request at the TCP connection component (Fig.1 , step-123, 
[0016, lines 1-5], where switch is a throttle filter which filters the connections); 
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determining whether a limit of connections created in a connection cycle period 
has been exceeded ([0033, lines 1-2], where rule is set to check the connections per IP 
address); 

if the limit of connections created has been exceeded, dropping the connection 
request silently (0033, lines 2-4], where exceeded connection is dropped); 

if the throttle filter blocks the TCP connection component, dropping the 
connection request silently ([000052, lines 13-14], where connection can be dropped 
silently or reset based on the specified rule); 

if the throttle filter allows the TCP connection component, proceeding with the 
HTTPS connection component (Col.7, lines 41-45, where user has established the http 
connection); 

updating the throttle filter with information from the connection database ([0052, 
lines 10-12]). 

Scoredos do not explicitly discloses, if the limit of connections created has not been 
exceeded, determining whether a rate of incoming connections has been exceeded or if 
the rate of incoming connections has been exceeded, then dropping the connection 
request silently or if the rate of incoming connections has not been exceeded, then 
comparing requestor identification information in the TCP connection component of the 
connection request to data in the throttle filter. However, Maruyama teaches, if the limit 
of connections created has not been exceeded, determining whether a rate of incoming 
connections has been exceeded ([0011, lines 10-20], TCP connection rate is monitored 
for security purposes). Maruyama also discloses, if the rate of incoming connections 
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has been exceeded, then dropping the connection request silently ([001 1 .lines 24-28, 
where excessive connection is dropped). Maruyama further discloses, if the rate of 
incoming connections has not been exceeded, then comparing requestor identification 
information in the TCP connection component of the connection request to data in the 
throttle filter ([0035, 16-22], where identifier in the tcp packet is examined whether to 
allow a new connection or associate with established connection). Neither Scoredos nor 
Maruyama discloses, if the throttle filter allows the TCP connection component, 
proceeding with the HTTP connection component or adding data from the HTTP 
connection component to the connection database. However, Reddy discloses, if the 
throttle filter allows the TCP connection component, proceeding with the HTTP 
connection component (Col. 7, lines 41-45, where user has established the http 
connection). Reddy further discloses, adding data from the HTTP connection 
component to the connection database (Col.7, lines 41-48 and lines 4-7, where it can be 
seen that user's HTTP request has to go through security Fig.2, step-86 where his login 
will be added into security database). 

Therefore, it would have been obvious to one ordinary skilled in the art at the 
time the invention was made to modify the teachings of Scoredos and Maruyama with 
the teachings of Reddy in order to establish a monitoring system from remote computer 
to keep track of working applications by anticipating the critical notifications/outcomes 
generated by those applications and associated solutions to these outcomes. 

Scoredos, Reddy and Maruyama however are silent on "creating a soft error in a 
client from an unacknowledged connection request". 
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Ben however discloses, "creating a soft error in a client from an unacknowledged 
connection request" (Ben, Fig.4, timeout for Rx of unacknowledged messages-124, 
Col.2, lines 35-45, where unacknowledged is based on timing out of a connection which 
is a soft error). 

Therefore, it would have been obvious to one ordinary skilled in the art at the time the 
invention was made to combine the teachings of Scoredos, Reddy and Maruyama with 
the teachings of Ben in order to invention provides a protocol and associated method for 
enhancing the throughput and response time performance of Transmission Control 
Protocol/Internet Protocol (TCP/IP) applications and services in Internet and Intranet 
environments that use the TCP/IP protocol suite, e.g., HTTP Internet browsers, HTTP 
servers, FTP servers, etc. 

31. Claims 4 and 21 are rejected under 35 U.S.C 103 as being unpatentable over 
Scoredos and Reddy in view of Gillies et al. (Pub No.: US 2003/0212821 A1), 
hereinafter "Gillies". 

32. As to claim 4, Scoredos and Reddy discloses the invention substantially as in 
parent claim 1, however, Scoredos and Reddy are Silent on, wherein the step of 
updating the throttle filter with information from the connection database comprises 
periodically replacing throttle filter data with a preselected number of connection 
requestor identifiers ranked least desirable in the connection database. 

However, Gillies teaches, updating the throttle filter with information from the 
connection database comprises periodically replacing throttle filter data with a 
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preselected number of connection requestor identifiers ranked least (Fig. 6E, [0093, 
lines 4-16], where data is getting replaced by age and old data is getting replaced by 
new data periodically). 

Therefore, it would have been obvious to one ordinary skilled in the art at the 
time the invention was made to combine the teachings of Scoredos and Reddy as 
applied to claim 1 above, with the teachings of Gillies in order to update the data and 
discard old data with newer data in order to control the size of the database and avoid 
the multiplicity of same data. 

33. As to claim 21 , Scoredos, Reddy and Gillies discloses the invention substantially 
as in parent claim 12, including, the system wherein each entry in the table includes an 
entry age, the filter device configured to delete entries having an entry age that exceeds 
an age threshold (Fig. 6E, [0093, lines 4-16], where data is getting replaced by age and 
old data is getting replaced by new data periodically). 

34. Examiner's Note: Examiner has cited particular columns and line numbers in the 
references, as applied to the claims above for the convenience of the applicant. 
Although the specified citations are representative of the teachings of the art and are 
applied to the specific limitations within the individual claim, other passages and figures 
may apply as well. It is respectfully requested from the applicant in preparing 
responses, to fully consider the references in its entirety as potentially teaching of all or 
part of the claimed invention, as well as the context. 
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Conclusion 



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Tauqir Hussain whose telephone number is 571-270- 
1247. The examiner can normally be reached on 7:30 AM to 5:00 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Bunjob Jaroenchonwanit can be reached on 571 272 3913. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 
273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. ^ 
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